Modified By The Government Under New Surveillance Laws
The new law grants the Australian police unprecedented power for online surveillance, data intercept and data alteration. These powers, as outlined in the Surveillance Legislation Amendment Bill (Identify and Disrupt). Raise concerns about potential misuse, privacy, and security.
The bill amends the Surveillance Devices Act 2004 as well as the Telecommunications (Interception, Access) Act 1979. It allows law enforcement agencies and authorities (such the Australian Federal Police or the Australian Criminal Intelligence Commission), to add, delete, copy, or modify data in the investigation of serious online crimes.
Human Rights Law Centre claims that the bill lacks sufficient safeguards for freedom of speech and press freedom. Digital Rights Watch labels it a warrantless surveillance system” and points out that the government failed to follow the recommendations of a bipartisan committee to limit the power granted by the law. Furthermore, criminal hackers may be able to access computers through the same vulnerabilities as the government by legal hacking.
What Is The Surveillance Law?
The bill gives law enforcement agencies three new powers:
- Data disruption warrants permit authorities to disrupt data by copying, deleting, or modifying it as they see fit
- Network Activity warrants allow the collection of intelligence from devices and networks that are likely to be use or use by the warrantee.
- Agents can use account taking over warrants to take control of online accounts (such as social media accounts) in order to collect information for investigations.
- Under certain circumstances, there is an emergency authorization procedure that permits these activities without the need for a warrant.
What Is The Difference Between This And Previous Laws?
Telecommunications (Interception and Access) Act 1979 and Telecommunications Act 1997 had greater privacy protections. These laws and others, such as the Surveillances Devices Act 2004 allow law enforcement agencies to intercept and access communications and data in certain circumstances.
The new bill grants agencies unprecedented interception and hacking powers. The bill also permits assistance orders, which can require certain individuals to help government hacking or face up to ten years imprisonment.
Police Surveillance Argue That This Bill Is Necessary
According to the Department of Home Affairs (DOH), more criminal activity uses the dark Web and anonymising technology. These new technologies require more power than ever before.
We believe that targeted and specific access to user’s information and activities is necessary to identify terrorists and criminals. Some cases may require law enforcement agencies to modify, delete or copy content from users in order to stop child exploitation. The key to protecting national and public security in the global fight against cybercrimes is lawful interception.
What Is Lawful Data Interception Surveillance?
Lawful Interception refers to a network technology that permits electronic surveillance of communications as authorized by judicial or administrative orders. This is possible because there are standards (which can be describe as regulations and rules) that allow telecommunications and internet service providers to accomplish this. These include those recommended by The European Telecommunications Standards Institute.
Service providers may be require to give copies of communications data, encrypted data, or intercept information to law enforcement agencies. Service providers might also be require to provide analytical tools, such as charts or graphs of target behaviours.
What Privacy Concerns Are There?
Privacy concerns have been raised by the Office of the Australian Information Commissioner as well as others. Third parties may be affected by the bill even if they are not involved in criminal investigation. The bill may allow access to computers, communications, and data of third parties.
According to the Human Rights Law Centre, the proposed broad powers could potentially make it possible for anyone with the necessary knowledge about the target computer or network to hacking activities. This could in some cases conflict with an individual’s freedom from self-incrimination.
It is also an issue of grave concern that law enforcement agencies can modify evidence in criminal proceedings. It will be crucial to prevent data disruptions and detect them early.
The Privacy Act 1988, which was created to protect and promote privacy and regulate Australian government agencies and organizations, must be followed when the warrants are being executed. It is important to strike a balance between privacy and public safety in cases where some agencies are exempt from the Privacy Act.
What Security Concerns And Their Impacts Are There?
The Identify and Disrupt Bill forms part of a comprehensive set of Australian digital surveillance laws. These include the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (TOLA) and the Telecommunications (Interception and Access Amendment (Data Retention) Act 2015 (the Mandatory Metadata Retention Scheme).
The Identify and Disrupt Bill allows for access to encrypted data that can be deleted, modified, copied and analysed before their relevance can be determined. This compromises the privacy of users and their digital rights.
Hackers often find other weaknesses in modern encryption systems to gain access to encrypted data. Modern encryption is difficult to crack. These vulnerabilities are also being use by governments for lawful hacking.
They rely on zero day exploits, which are software vulnerabilities. That not known to developers or software vendors, to hack into systems. These vulnerabilities can exploit for many months, or even years, before being fix.